Module Pundit
In: lib/pundit.rb
lib/generators/pundit/install/install_generator.rb
lib/generators/pundit/policy/policy_generator.rb
lib/pundit/rspec.rb
lib/pundit/policy_finder.rb
lib/pundit/version.rb

Methods

Classes and Modules

Module Pundit::Generators
Module Pundit::Helper
Module Pundit::RSpec
Class Pundit::AuthorizationNotPerformedError
Class Pundit::Error
Class Pundit::InvalidConstructorError
Class Pundit::NotAuthorizedError
Class Pundit::NotDefinedError
Class Pundit::PolicyFinder
Class Pundit::PolicyScopingNotPerformedError

Constants

SUFFIX = "Policy".freeze
VERSION = "2.0.1".freeze

Public Class methods

Retrieves the policy for the given record, initializing it with the record and user and finally throwing an error if the user is not authorized to perform the given action.

@param user [Object] the user that initiated the action
@param record [Object] the object we're checking permissions of
@param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`)
@param policy_class [Class] the policy class we want to force use of
@raise [NotAuthorizedError] if the given query method returned false
@return [Object] Always returns the passed object record

Retrieves the policy for the given record.

@see github.com/varvet/pundit#policies
@param user [Object] the user that initiated the action
@param record [Object] the object we're retrieving the policy for
@raise [InvalidConstructorError] if the policy constructor is called incorrectly
@return [Object, nil] instance of policy class with query methods

Retrieves the policy for the given record.

@see github.com/varvet/pundit#policies
@param user [Object] the user that initiated the action
@param record [Object] the object we're retrieving the policy for
@raise [NotDefinedError] if the policy cannot be found
@raise [InvalidConstructorError] if the policy constructor is called incorrectly
@return [Object] instance of policy class with query methods

Retrieves the policy scope for the given record.

@see github.com/varvet/pundit#scopes
@param user [Object] the user that initiated the action
@param scope [Object] the object we're retrieving the policy scope for
@raise [InvalidConstructorError] if the policy constructor is called incorrectly
@return [Scope{resolve}, nil] instance of scope class which can resolve to a scope

Retrieves the policy scope for the given record.

@see github.com/varvet/pundit#scopes
@param user [Object] the user that initiated the action
@param scope [Object] the object we're retrieving the policy scope for
@raise [NotDefinedError] if the policy scope cannot be found
@raise [InvalidConstructorError] if the policy constructor is called incorrectly
@return [Scope{resolve}] instance of scope class which can resolve to a scope

Protected Instance methods

Retrieves the policy for the given record, initializing it with the record and current user and finally throwing an error if the user is not authorized to perform the given action.

@param record [Object] the object we're checking permissions of
@param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`). If omitted then this defaults to the Rails controller action name.
@param policy_class [Class] the policy class we want to force use of
@raise [NotAuthorizedError] if the given query method returned false
@return [Object] Always returns the passed object record

Retrieves a set of permitted attributes from the policy by instantiating the policy class for the given record and calling `permitted_attributes` on it, or `permitted_attributes_for_{action}` if `action` is defined. It then infers what key the record should have in the params hash and retrieves the permitted attributes from the params hash under that key.

@see github.com/varvet/pundit#strong-parameters
@param record [Object] the object we're retrieving permitted attributes for
@param action [Symbol, String] the name of the action being performed on the record (e.g. `:update`). If omitted then this defaults to the Rails controller action name.
@return [Hash{String => Object}] the permitted attributes

Cache of policies. You should not rely on this method.

@api private

Retrieves the policy for the given record.

@see github.com/varvet/pundit#policies
@param record [Object] the object we're retrieving the policy for
@return [Object, nil] instance of policy class with query methods

Retrieves the policy scope for the given record.

@see github.com/varvet/pundit#scopes
@param scope [Object] the object we're retrieving the policy scope for
@param policy_scope_class [Class] the policy scope class we want to force use of
@return [Scope{resolve}, nil] instance of scope class which can resolve to a scope

Cache of policy scope. You should not rely on this method.

@api private

Retrieves the params for the given record.

@param record [Object] the object we're retrieving params for
@return [ActionController::Parameters] the params

@return [Boolean] whether authorization has been performed, i.e. whether one {#authorize} or {#skip_authorization} has been called

@return [Boolean] whether policy scoping has been performed, i.e. whether one {#policy_scope} or {#skip_policy_scope} has been called

Hook method which allows customizing which user is passed to policies and scopes initialized by {authorize}, {policy} and {policy_scope}.

@see github.com/varvet/pundit#customize-pundit-user
@return [Object] the user object to be used with pundit

Allow this action not to perform authorization.

@see github.com/varvet/pundit#ensuring-policies-and-scopes-are-used
@return [void]

Allow this action not to perform policy scoping.

@see github.com/varvet/pundit#ensuring-policies-and-scopes-are-used
@return [void]

Raises an error if authorization has not been performed, usually used as an `after_action` filter to prevent programmer error in forgetting to call {authorize} or {skip_authorization}.

@see github.com/varvet/pundit#ensuring-policies-and-scopes-are-used
@raise [AuthorizationNotPerformedError] if authorization has not been performed
@return [void]

Raises an error if policy scoping has not been performed, usually used as an `after_action` filter to prevent programmer error in forgetting to call {policy_scope} or {skip_policy_scope} in index actions.

@see github.com/varvet/pundit#ensuring-policies-and-scopes-are-used
@raise [AuthorizationNotPerformedError] if policy scoping has not been performed
@return [void]
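
The `authorize` / `verify_authorized` contract documented above, shown as a plain-Ruby model that runs without Rails or the gem. This is an added example, not Pundit's implementation: `MiniAuthz`, `PostsController`, `PostPolicy`, `Post` and the `run` method (standing in for the `after_action` filter) are all hypothetical.

```ruby
# Hypothetical plain-Ruby model of authorize / verify_authorized; not Pundit's code.
module MiniAuthz
  SUFFIX = "Policy" # same convention as the SUFFIX constant above
  class NotAuthorizedError < StandardError; end
  class AuthorizationNotPerformedError < StandardError; end

  # Find "<RecordClass>Policy", ask it the query, raise unless it says yes.
  def authorize(record, query)
    @authorization_performed = true
    policy = Object.const_get("#{record.class}#{SUFFIX}").new(current_user, record)
    raise NotAuthorizedError, "#{query} denied" unless policy.public_send(query)
    record
  end

  # Fail closed: an action that never asked is treated as an error.
  def verify_authorized
    raise AuthorizationNotPerformedError unless @authorization_performed
  end
end

Post = Struct.new(:author)
PostPolicy = Struct.new(:user, :post) do
  def update?
    post.author == user
  end
end

# Constructed stand-in for a controller; run() plays the after_action filter.
PostsController = Struct.new(:current_user) do
  include MiniAuthz

  def run(action, post)
    result = public_send(action, post)
    verify_authorized
    result
  end

  def update(post)
    authorize(post, :update?)
    :updated
  end

  def publish(_post) # bug: authorize was forgotten; the guard catches it
    :published
  end
end
```

The action body has already run by the time the guard raises, so the guard is a safety net for catching the omission (typically in tests), not a substitute for the `authorize` call itself.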
